OWASP Security Shepherd Project - Poor Data Validation 1 (Poor Data Validation Challenge)

Challenge


Solution

     First, input 1 in troll to see what happens.


The order is completed successfully.

    Now, let's see if there is a number validation for negative numbers. Input -1 in troll to see what we got.

The data validation is so poor that it even doesn't check negative number.

    At this point, we can start to play trick on the business logic of this application. For example, buy -200 notBad and 1 troll. (That adds to be zero.)

    That completes the challenge...

留言

The Hottest Articles

OWASP Security Shepherd Project - My Practice & Solutions

OSCP回顧 & 準備建議

OWASP Security Shepherd Project - SQL Injection 3 (Injection Challenge)